Skip to main content

Certificate auto-renewal

The certificate auto-renewal feature allows you to manage your certificates by instructing DigiCert to automatically renew your certificate before your current certificate expires.

When certificate auto-renewal is enabled:

  • Your private certificates auto-renew six hours before the certificate expires.

  • Your public certificates auto-renew 14 days before the certificate expires because it requires a compliance review before the certificate can be issued.

Enable auto-renewal for certificates

This option allows you to manage your certificates more efficiently by automatically renewing them before they expire.

  1. In the Software Trust menu, go to Certificates > Certificate profiles.

  2. Select the desired certificate profile.

  3. Select the edit (blue_edit_pencil_icon.png) icon.

  4. Finish the following fields:

Field

Description

Auto-renew

Select Yes if you want all certificates created using this certificate profile to automatically renew before they expire.

Select No if you don't want any certificates created using this certificate profile to auto-renew.

Select Choose during certificate generation if you're unsure or want the option to select when you create a certificate using this certificate profile.

Auto-renew scope

Select Apply to new certificates only to apply your selected auto-renewal settings to future certificates.

Select Apply to new and existing certificates to apply your selected auto-renewal settings to future certificates and all existing certificates created with this profile.

Enable auto-renewal for a certificate

To enable auto-renewal for a certificate:

  1. In the Software Trust menu, go to Certificates > Certificates.

  2. Select the desired certificate.

  3. Select the edit (blue_edit_pencil_icon.png) icon.

  4. Under Auto-renew, select Yes to enable or No to disable.

  5. Select Update.

Note

If these options don't appear, confirm that your certificate profile meets the prerequisites to make this change.

Email notifications for certificate auto-renewal

To ensure uninterrupted security and compliance, automated email notifications are sent to keep you informed about certificate renewal activities.

Private Certificates:

Private certificates are automatically renewed six hours before expiration. An email notification is sent once the renewal is completed to confirm the update and provide next steps, if required.

The notification includes details such as the new certificate alias with the renewal version number, the new certificate expiry date, the associated keypair alias, the old certificate alias, the default certificate, and the old certificate expiry date.

Public Certificates:

Public certificates are automatically renewed 14 days prior to expiration. Email notifications are sent to keep you informed before and after the renewal process.

The notification includes details such as the certificate alias with renewal version number, the associated keypair alias, the certificate expiry date, the default certificate status, and the certificate category.

These notifications help you stay informed and provide visibility into certificate lifecycle events without requiring manual intervention.

: